Static task: static1
Behavioral task: behavioral1
  Sample: d4a8a88a20b7e53ce9c25c08294edf15fe57d2075c401c1bfae9b990fa892029.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: d4a8a88a20b7e53ce9c25c08294edf15fe57d2075c401c1bfae9b990fa892029.exe
  Resource: win10v2004-20221111-en
General
Target: d4a8a88a20b7e53ce9c25c08294edf15fe57d2075c401c1bfae9b990fa892029
Size: 270KB
MD5: bde29e1f39701b7eba1f9e6e8cac0714
SHA1: ab195b31de2d9ad3966fccb3146d8cadb3a24d89
SHA256: d4a8a88a20b7e53ce9c25c08294edf15fe57d2075c401c1bfae9b990fa892029
SHA512: f5a7d2a0d94969188360af573325d055c6db7ad8a67d174c4cce0d54fe0ccaf005f63afdf1128471c9f9b7355777b7941aec7a9c988f5ac39290f0067296c11f
SSDEEP: 6144:k8Z7gxX629lW+OgRUPxjcASihGLt9TgWc7geiJTt:jFoMxdxjfSihGLt9Tg5QJTt
Malware Config
Signatures
Files
d4a8a88a20b7e53ce9c25c08294edf15fe57d2075c401c1bfae9b990fa892029.exe (windows x86)
b52abc118350126f688f1f8a350394ad
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32:
  LoadLibraryExA, LocalFree, lstrlenW, MulDiv, GetFullPathNameA, GetFileAttributesA, DosDateTimeToFileTime, LocalFileTimeToFileTime, IsDBCSLeadByte, LeaveCriticalSection,
  RaiseException, EnterCriticalSection, SizeofResource, LoadResource, FindResourceA, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedIncrement, GetCurrentThreadId, FlushInstructionCache,
  GlobalUnlock, GlobalLock, GlobalAlloc, lstrcmpA, CreateMutexA, CreateFileW, SetEndOfFile, FlushFileBuffers, WriteConsoleW, SetStdHandle,
  SetFilePointer, GetConsoleMode, GetConsoleCP, ReadFile, GetTickCount, QueryPerformanceCounter, GetFileType, SetHandleCount, GetEnvironmentStringsW, Sleep,
  GetStringTypeW, IsValidLocale, EnumSystemLocalesA, GetLocaleInfoA, GetLocaleInfoW, GetUserDefaultLCID, HeapReAlloc, HeapSize, LCMapStringW, IsValidCodePage,
  GetOEMCP, GetACP, GetCPInfo, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, HeapCreate, GetStdHandle, ExitProcess,
  IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, RtlUnwind, GetStartupInfoW, HeapSetInformation, GetCommandLineA, VirtualQuery, GetSystemInfo, VirtualProtect,
  DecodePointer, EncodePointer, GetSystemTimeAsFileTime, InterlockedPopEntrySList, VirtualAlloc, VirtualFree, IsProcessorFeaturePresent, HeapAlloc, GetProcessHeap, HeapFree,
  InterlockedPushEntrySList, InterlockedCompareExchange, InterlockedDecrement, WriteFile, SetFileTime, GetFileTime, CreateDirectoryA, FreeLibrary, OutputDebugStringA, GetModuleFileNameW,
  LoadLibraryW, LoadLibraryA, GetFileAttributesW, GetModuleHandleW, GetModuleFileNameA, GetWindowsDirectoryA, GetTempFileNameA, GetTempPathA, DeleteFileA, FindClose,
  FindFirstFileA, GetSystemDirectoryA, DeviceIoControl, lstrlenA, lstrcmpiA, TerminateProcess, SetLastError, GetCurrentProcessId, GetLastError, GetCurrentProcess,
  GetModuleHandleA, GetProcAddress, GetVersion, GetVersionExA, GetPrivateProfileStringA, WideCharToMultiByte, MultiByteToWideChar, CloseHandle, CreateFileA, FreeEnvironmentStringsW
user32:
  GetWindowRect, GetClientRect, GetWindow, GetSystemMetrics, wsprintfA, GetParent, GetWindowLongA, SetWindowPos, ScreenToClient, CreateAcceleratorTableA,
  DestroyWindow, GetClassInfoExA, RedrawWindow, IsWindow, GetDlgItem, IsChild, SetWindowTextA, GetWindowTextA, GetWindowTextLengthA, PeekMessageA,
  TranslateMessage, DispatchMessageA, SetFocus, FindWindowA, GetClassNameA, GetFocus, UnregisterClassA, GetDesktopWindow, RegisterWindowMessageA, MoveWindow,
  InvalidateRgn, CallWindowProcA, GetDC, ReleaseDC, DestroyAcceleratorTable, RegisterClassExA, CharNextA, SetRect, FillRect, GetSysColor,
  DefWindowProcA, SetCursor, KillTimer, GetCursorPos, ReleaseCapture, SetTimer, GetCapture, GetForegroundWindow, SetCapture, EndPaint,
  BeginPaint, InvalidateRect, SetWindowLongA, RegisterClassA, LoadCursorA, SendMessageA, CreateWindowExA, LoadBitmapA, PtInRect, ClientToScreen
gdi32:
  CreateCompatibleDC, SelectObject, GetObjectA, BitBlt, DeleteDC, DeleteObject, CreatePen, CreateCompatibleBitmap, CreateSolidBrush, LineTo, GetStockObject, GetDeviceCaps, RoundRect, MoveToEx
advapi32:
  RegSetValueExA, RegEnumKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegQueryValueExA, RegCreateKeyExA, RegOpenKeyExA, FreeSid, CheckTokenMembership, AllocateAndInitializeSid, RegQueryInfoKeyW
shell32:
  ShellExecuteExA, SHGetPathFromIDListA, SHGetMalloc, SHGetSpecialFolderPathA, SHGetSpecialFolderLocation
ole32:
  CreateStreamOnHGlobal, CLSIDFromString, CoTaskMemFree, CoGetClassObject, CLSIDFromProgID, OleLockRunning, StringFromGUID2, CoTaskMemAlloc, CoTaskMemRealloc, CoCreateGuid, OleUninitialize, OleInitialize, CoUninitialize, CoCreateInstance, CoInitialize
oleaut32:
  SysAllocStringLen, LoadTypeLi, LoadRegTypeLi, OleCreateFontIndirect, VarUI4FromStr, SysStringLen, SysAllocString, VariantInit, VariantClear, SysFreeString
wininet:
  InternetQueryDataAvailable, InternetOpenUrlA, DeleteUrlCacheEntry, InternetReadFile, InternetOpenA, InternetCloseHandle
urlmon:
  URLDownloadToFileA
iphlpapi:
  GetAdaptersInfo
Sections
.text   Size: 189KB - Virtual size: 189KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 45KB - Virtual size: 45KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 12KB - Virtual size: 28KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 5KB - Virtual size: 4KB       Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 17KB - Virtual size: 16KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ